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Continued Examination Under 37 CFR 1.114 

1. A request for continued examination under 37 CFR 1.114, including the 
fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since 
this application is eligible for continued examination under 37 CFR 1.114, and the fee 
set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office 
action has been withdrawn pursuant to 37 CFR 1.114. Applicants submission filed on 
January 11, 2006 has been entered. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-2, 11-13, 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sit et al. (U.S. Patent No.: 6,349,336 B1) in view of Underwood (U.S. 
Patent No.: 6,718,535 B1). 



Referring to claim 1 : 
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i. Sit et al. teach: 

A secure system for transferring data, the system comprising: 

A client system (see e.g. figure 5, item 3141; and column 7, lines 

17-19 of Sit etal.); 

A server (see e.g. figure 5, item 308E; and column 7, lines 19-22 of 

Sit et al.); 

A secure system interposed between the client system and the 
server for controlling communications between the client system and the server, the 
security system including: 

A first proxy system (see e.g. figure 5, item 306 of Sit et al.) and a 
second proxy system (see e.g. figure 5, item 312 of Sit et al.), the first proxy system 
coupled between the client system and the second proxy system (see e.g. figure 5, 
items 308I, 306, 312; and column 7, lines 15-25 of Sit et al.) and the second proxy 
system coupled between the server and the first proxy system (see e.g. figure 5, item 
308E, 312, 306 of Sit et al.); 

A firewall coupled between the first proxy system and the second 
proxy system (see figure 5, items 312, 305, 306 of Sit et al.), firewall restricting data flow 
between the first proxy system the second proxy system to outbound communications 
(see figure 5, item 305; and column 7, lines 26-28 of Sit et al.). 

However, Sit et al. do not specifically mention using a single port on 
the firewall. Sit et al. also do not specifically mention that the system supports file 
transfer protocol (FTP). 

ii. Underwood teaches a system for providing an activity framework 
wherein the system funnels all traffic through a single port on the firewall instead of 
using a different port number for each application (see column 280, lines 35-38 of 
Underwood). Underwood further discloses that proxy services are specialized 
applications or server programs that run on a firewall host, which take users' requests 
for Internet services (such as FTP and TELNET) and forward them, as appropriate 
according to the site's security policy, to the actual services. The proxies provide 
replacement connections and act as gateways to the services. For this reason, proxies 
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are sometimes known as Application Level Gateways (see column 104, lines 65-67; and 
column 105, lines 1-5 of Underwood). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Underwood into the system 
of Sit et al. to use a single port on the firewall. It would have been obvious to a person 
of ordinary skill in the art at the time the invention was made to combine the teaching of 
Underwood into the system of Sit et al. to support FTP. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Underwood into the system of Sit et al. to use a single port on 
the firewall, because it's well-known in the art of the computer network that using a 
single port on the firewall, instead of opening multiple ports, increases the security of 
the network. The ordinary skilled person would have been motivated to have applied 
the teaching of Underwood into the system of Sit et al. to support FTP, because most 
application gateway firewalls provide proxy service for the most common Internet 
protocols, such as FTP, HTTP, HTTPS, etc. (see column 278, lines 13-15 of 
Underwood). 

Referring to claim 2 : 

Sit et al. and Underwood teach the claimed subject matter: a secure 
system for transferring data (see claim 1 above). Sit et al. further disclose that the client 
system will send the request to the first proxy system. The first proxy system will 
forward the request to the second proxy system, via the single port in the firewall, and 
the second proxy system will establish a connection with the server (see e.g. figure 5, 
items 308I, 306, 305, 312, 308E; and column 7, lines 34-40 of Sit et al.). 

Referring to claim 11 : 

Sit et al. and Underwood teach the claimed subject matter: a secure 
system for transferring data (see claim 1 above). Sit et al. further disclose the system 
comprising a plurality of clients and a plurality of servers to transfer data through the 
single port in the firewall (see figure 5, items 3101, 3081, 3141, 3161, 31 0E, 308E, 314E, 
31 6E; and column 7, lines 15-25 of Sit et al.). 

Referring to claim 12 : 
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This claim has limitations which is similar to those of claim 1, thus it is 
rejected with the same rationale applied against claim 1 above. 
Referring to claim 13 : 

This claim has limitations which is similar to those of claim 2, thus it is 
rejected with the same rationale applied against claim 2 above. 
Referring to claim 25 : 

This claim has limitations which is similar to those of claim 11, thus it is 
rejected with the same rationale applied against claim 1 1 above. 



4. Claims 3-4, 14-15 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sit et al. (U.S. Patent No. 6,349,336) in view of Underwood (U.S. 
Patent No.: 6,718,535 B1), and further in view of Fan et al. (U.S. Patent No. 
6,219,706). 

Referring to claim 3 : 

i. Sit et al. and Underwood teach the claimed subject matter: a 
secure system for transferring FTP data (see claim 1 above). However, Sit et al. and 
Underwood are silent about the command ( or control ) channel in FTP data transfer. 

ii. Fan et al. teach a control channel. The control channel is used to 
initiate the FTP (File Transfer Protocol) connection between the client and the server 
(see column 2, lines 12-14 of Fan et al.). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to apply the teaching of Fan et al. into the system of Sit 
et al. and Underwood to use the command (or control) channel in FTP data transfer. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Fan et al. into the system of Sit et al. and Underwood to use the 
command (or control) channel in FTP data transfer, so as to protect sensitive resources 
such as engineering workgroup server or financial databases from unauthorized users 
(see column 1 , lines 24-26 of Fan et al.). 
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Referring to claim 4 : 

i. Sit et al. and Underwood teach the claimed subject matter: a 
secure system for transferring FTP data (see claim 1 above). However, Sit et al. and 
Underwood are silent about transferring a representation of a socket from server to the 
client. 

ii. Fan et al. disclose the process of setting up a FTP data connection. 
Via the control channel mentioned in claim 3, the client and server negotiate a port 
number for data channel (see column 2, lines 14-17 of Fan et al.). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to apply the teaching of Fan et al. into the system of Sit 
et al. and Underwood to transfer a representation of a socket from the server to the 
client. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Fan et al. into the system of Sit et al. and Underwood to transfer 
a representation of a socket from the server to the client, so as to protect sensitive 
resources such as engineering workgroup server or financial databases from 
unauthorized users (see column 1, lines 24-26 of Fan et al.). 

Referring to claim 14 : 

This claim has limitations which is similar to those of claim 3, thus it is 
rejected with the same rationale applied against claim 3 above. 
Referring to claim 15 : 

This claim has limitations which is similar to those of claim 4, thus it is 
rejected with the same rationale applied against claim 4 above. 

5. Claims 5-10, 16-24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sit et al. (U.S. Patent No. 6,349,336) in view of Underwood (U.S. 
Patent No.: 6,718,535 B1), further in view of Fan et al. (U.S. Patent No. 6,219,706), 
and further in view of Albert et al. (U.S. Patent No. 6,687,222). 



Application/Control Number: 10/006,484 Page 7 

Art Unit: 2135 

Referring to claim 5 : 

i. Sit et al., Underwood and Fan et al. teach the claimed subject 
matter: a secure system for transferring FTP data (see claim 4 above). However, they 
do not teach modifying the IP address in the socket. 

ii. Albert et al. teach to modify the IP address of the host in a packet 
before forwarding the packet on to client (see figure 3A, item 302; and column 12, lines 
29-33 of Albert et al.). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to apply the teaching of Albert et al. into the system of 
Sit et al., Underwood and Fan et al. to modify the IP address of the host in a packet 
before forwarding the packet to the client. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Albert et al. into the system of Sit et al., Underwood and Fan et 
al. to modify the IP address of the host in a packet before forwarding the packet to the 
client, thus enabling a device that is protected by a firewall to be controlled by a device 
external to the firewall (see column 1 , lines 10-12 of Sit et al.). 

Referring to claim 6 : 

Sit et al., Underwood, Fan et al. and Albert et al. teach the claimed subject 
matter: a secure system for transferring FTP data (see claim 4 above). Sit et al. further 
disclose that the client system transmits a request through said security system for data 
located on the server (see figure 5, items 308I, 306; and column 7, lines 34-40 of Sit et 
al.). 

Referring to claim 7 : 

Sit et al., Underwood, Fan et al. and Albert et al. teach the claimed subject 
matter: a secure system for transferring FTP data (see claim 4 above). Sit et al. further 
disclose that the first proxy server forwards the request to the second proxy server via 
the single port on the firewall, and on to the data server (see figure 5, items 306, 305, 
312, 308E; and column 7, lines 34-40 of Sit et al.). 

Referring to claim 8 : 
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This claim has limitations which is similar to those of claim 5, thus it is 
rejected with the same rationale applied against claim 5 above. 
Referring to claim 9 : 

Sit et al., Underwood, Fan et al. and Albert et al. teach the claimed subject 
matter: a secure system for transferring FTP data (see claim 4 above). Sit et al. further 
disclose that the server transmits data through said security system to first proxy (see 
e.g. figure 5, items 308E, 312, 305, 306; and column 7, lines 34-40 of Sit et al.). 
Referring to claim 10 : 

Sit et al., Underwood, Fan et al. and Albert et al. teach the claimed subject 
matter: a secure system for transferring FTP data (see claim 4 above). Sit et al. further 
disclose that the first proxy transmits data to the client system (see e.g. figure 5, items 
306, 308I; and column 7, lines 34-40 of Sit et al.). 
Referring to claims 16,17,18 : 

These claims have limitations which is similar to those of claim 5, thus 
they are rejected with the same rationale applied against claim 5 above. 
Referring to claim 19. 22 : 

These claims have limitations which is similar to those of claim 6, thus 
they are rejected with the same rationale applied against claim 6 above. 
Referring to claim 20 : 

This claim has limitations which is similar to those of claim 7, thus it is 
rejected with the same rationale applied against claim 7 above. 
Referring to claim 21 : 

This claim has limitations which is similar to those of claim 8, thus it is 
rejected with the same rationale applied against claim 8 above. 
Referring to claim 23 : 

This claim has limitations which is similar to those of claim 9, thus it is 
rejected with the same rationale applied against claim 9 above. 
Referring to claim 24 : 

This claim has limitations which is similar to those of claim 10, thus it is 
rejected with the same rationale applied against claim 10 above. 
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Response to Arguments 

6. Applicant's arguments filed on January 11, 2006 have been fully 
considered but they are moot due to the new grounds of rejections. 

7. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

(a) Schoettger (U.S. Pub. No.: 2002/0069366 A1) discloses a method for 
providing an external client access to a device that is protected by a firewall. 

(b) Fangman et al. (U.S. Pub. No.: 2002/0141352 A1) disclose a system 
for IP telephony. 

(c) Do (U.S. Pub. No.: 2002/0007338 A1) discloses a method for 
conducting bidding sessions in various methods to arrive at the highest or lowest price. 

Conclusion 

8. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Joseph Pan whose telephone number is 571-272- 
5987. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached at 571-272-3859. The fax and phone 
numbers for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Any inquiry of a general nature or relating to the status of this application 
or proceeding should be directed to the receptionist whose telephone number is 571- 
272-2100. 
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